You are here
Home > News > Technology

China’s secret space weapons could kill 90% of people on US mainland in ‘first strike’ EMP attack …

Something to make you calm and relaxed over your Corn Flakes. Usual warnings about hyperbole from pressure groups apply...: [...] The report by the EMP Task Force on Homeland and National Security, a coalition of industry, security and government officials, lays bare a doomsday scenario of a preemptive attack. EMPs use low-yield nuclear weapons detonated in the atmosphere to create a wave of energy that fries electronic equipment and may knock out the power grid. A cyb

Microsoft Previews Windows Defender ATP for Android

If you're not already looking at ATP to protect your endpoints and cloud assets, maybe the Linux and Android coverage might persuade you to take a look...: [...] The Linux version of Microsoft's software represents yet another move by the company to extend its tools beyond its Windows-based platforms. "This release marks an important moment for all Microsoft Defender ATP customers when Microsoft Defender ATP becomes a truly unified solution to secure the full spectrum of ...

Windows 10 June 2020 updates cause forced reboots, LSASS crashes

You might want to weigh up the security fixes in this release with the potential to cause problems...: [...] Microsoft has not yet formally acknowledged this issue (no new support document has been published or new known issues have been added to the Windows 10 health dashboard so far) and an official fix for this problem is not yet available. However, as the company explains, Redmond's developers are working on a resolution to be provided to affected customers as part of

NIST Provides Important Guidance For IOT Industry

If you're looking to buy IoT devices, start looking for compliance to the NIST guidance...: [...] NISTIR 8259 “Foundational Cybersecurity Activities for IoT Device Manufacturers” provides six activities that IOT manufacturers can use to inform primarily the manufacturing of new devices: Identify expected customers and users, and define expected use cases. Research customer cybersecurity needs and goals. Determine how to address customer needs and goals. Plan fo

Why AI Is The Future Of Remote Security Monitoring

This is about using AI on video feeds, not AI in the SOC to provide triage of potential security events. I've seen vendors hype-up AI for the latter case but, given that security teams are cautious about even using simple automation, I've not seen any adoption of 'proper' AI across by client base...: [...] Digitally-enabled remote cameras capable of night vision, infrared, and thermal imaging video streaming provide AI-based video recognition systems the data they need to pr

Senators ask Juniper for the results of its 2015 NSA backdoor investigation

When the NSA and other three-letter agencies talk about the threat of back doors being inserted in foreign manufactured equipment remember, they have their own experience in this field...: [...] Details about a backdoor in Juniper products first came to light in December 2015. Members of the cyber-security community discovered what looked like a change of a secret access key inside the source code of ScreenOS, an operating system running on NetScreen, Juniper's line of firew

UK to Launch Huawei Cyber Security Review Amid US Trade Tensions

It's impossible to unscramble the mix of geopolitics and genuine security concerns associated with the rollout of 5G. I believe all of the supply chain for 5G should be security reviewed as this is likely to be embedded in a lot of 21st Century services...: [...] While Boris Johnson had initially shown reticence toward the idea of kicking out the telecom giant, the new emergency cyber security review could be a turning point over the issue—especially in light of heightening

Singapore’s Contact Tracing Wearable Causes Privacy Backlash

Singapore is ahead of most Western nations in terms of experience with track & trace. We should watch and learn from their plan to abandon apps and move to function-specific devices. It has shades of house arrest, but positioning it as a 'Fitbit for Covid-19' might just make it acceptable...: [...] Wilson Low, who started the petition, in a Sunday post voiced concerns about the wearables potentially allowing contact tracers to locate users’ whereabouts based on their pro

Understanding cyber threats to APIs

Apart from ubiquitous APIs like Google Maps, most of my experience has been with APIs for enterprise security platforms. They tend to adopt a "everything allowed" once you have authenticated so need a lot of care in setting up, testing, and credential management...: [...] In addition to its focus on risks to general software applications, OWASP has also provided useful guidance for API developers to reduce security risk in their implementations. Given the prominence of the O

MOT future updates may see cars tested for cyber security to avoid being hacked

As reported by the mainstream media in the UK. I'd also like to see PAT testing extended to include some elements of data security...: MOT tests may soon introduce the clause when driverless cars hit the road to ensure safety and quality standards are maintained for road users. The new safety standard known as CAV PASS, will help minimise defects ahead of testing and wider deployment of autonomous cars on UK roads. The new measures will first focus on enabling trial